Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20994 | 1 Google | 1 Android | 2023-03-29 | N/A | 6.7 MEDIUM |
| In _ufdt_output_property_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259062118 | |||||
| CVE-2023-20936 | 1 Google | 1 Android | 2023-03-29 | N/A | 7.8 HIGH |
| In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-226927612 | |||||
| CVE-2023-20951 | 1 Google | 1 Android | 2023-03-29 | N/A | 9.8 CRITICAL |
| In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258652631 | |||||
| CVE-2023-21038 | 1 Google | 1 Android | 2023-03-29 | N/A | 6.7 MEDIUM |
| In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-224000736References: N/A | |||||
| CVE-2023-24295 | 1 Softmaker | 1 Flexipdf | 2023-03-28 | N/A | 7.8 HIGH |
| A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows attackers to execute arbitrary code after opening a crafted PDF file. | |||||
| CVE-2023-20956 | 1 Google | 1 Android | 2023-03-28 | N/A | 4.4 MEDIUM |
| In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-240140929 | |||||
| CVE-2022-42499 | 1 Google | 1 Android | 2023-03-28 | N/A | 9.8 CRITICAL |
| In sms_SendMmCpErrMsg of sms_MmConManagement.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242001391References: N/A | |||||
| CVE-2022-42498 | 1 Google | 1 Android | 2023-03-28 | N/A | 9.8 CRITICAL |
| In Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240662453References: N/A | |||||
| CVE-2023-20966 | 1 Google | 1 Android | 2023-03-28 | N/A | 7.8 HIGH |
| In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242299736 | |||||
| CVE-2021-43313 | 1 Upx Project | 1 Upx | 2023-03-28 | N/A | 7.5 HIGH |
| A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688. | |||||
| CVE-2021-43312 | 1 Upx Project | 1 Upx | 2023-03-28 | N/A | 7.5 HIGH |
| A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239. | |||||
| CVE-2021-43311 | 1 Upx Project | 1 Upx | 2023-03-28 | N/A | 7.5 HIGH |
| A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382. | |||||
| CVE-2021-43317 | 1 Upx Project | 1 Upx | 2023-03-28 | N/A | 7.5 HIGH |
| A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404 | |||||
| CVE-2021-43315 | 1 Upx Project | 1 Upx | 2023-03-28 | N/A | 7.5 HIGH |
| A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349 | |||||
| CVE-2021-43314 | 1 Upx Project | 1 Upx | 2023-03-28 | N/A | 7.5 HIGH |
| A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5368 | |||||
| CVE-2021-43316 | 1 Upx Project | 1 Upx | 2023-03-28 | N/A | 7.5 HIGH |
| A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64(). | |||||
| CVE-2023-20952 | 1 Google | 1 Android | 2023-03-28 | N/A | 5.5 MEDIUM |
| In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-186803518 | |||||
| CVE-2023-27249 | 1 Swftools | 1 Swftools | 2023-03-27 | N/A | 5.5 MEDIUM |
| swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c. | |||||
| CVE-2023-27077 | 1 360 | 2 D901, D901 Firmware | 2023-03-27 | N/A | 7.5 HIGH |
| Stack Overflow vulnerability found in 360 D901 allows a remote attacker to cause a Distributed Denial of Service (DDOS) via a crafted HTTP package. | |||||
| CVE-2023-27754 | 1 Vox2mesh Project | 1 Vox2mesh | 2023-03-27 | N/A | 5.5 MEDIUM |
| vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy() funciton. The flow allows an attacker to cause a denial of service (abort) via a crafted file. | |||||